Featured Blogs
Analyzing KillDisk Ransomware, Part 1: Whitelisting
This blog post was written by Sudhanshu Dubey. At McAfee Labs we recently analyzed the ransomware KillDisk. We will share...
Analyzing CVE-2021-1665 – Remote Code Execution Vulnerability in Windows GDI+
Introduction Microsoft Windows Graphics Device Interface+, also known as GDI+, allows various applications to use different graphics functionality on video...
Analyzing CVE-2017-9791: Apache Struts Vulnerability Can Lead to Remote Code Execution
Apache Struts is a model-view-controller framework for creating Java web applications. Struts has suffered from a couple of vulnerabilities using...
Analyzing CVE-2017-3731: Truncated Packets Can Cause Denial of Service in OpenSSL
OpenSSL is a popular open-source library for SSL and is used by various software and companies across the world. In...
Analyzing CVE-2017-0190: WMF Flaws Can Lead to Data Theft, Code Execution
CVE-2017-0190 is a recently patched vulnerability related to Windows metafiles (WMFs), a portable image format mainly used by 16-bit Windows...
Analyzing CVE-2016-9311: NTPD Vulnerability Can Lead to Denial of Service
The network time protocol synchronizes time across various devices on a network. The network time protocol daemon (NTPD) is an...
Analyzing and Identifying Issues with the Microsoft Patch for CVE-2018-8423
Introduction As of July 2019, Microsoft has fixed around 43 bugs in the Jet Database Engine. McAfee has reported a...
Analyzing a Patch of a Virtual Machine Escape on VMware
This blog was written by Yakun Zhang. A virtual machine is a completely isolated guest operating system installation within a...
Analyzing a Fresh Variant of the Dorkbot Botnet
This blog post was written by Sudhanshu Dubey. At McAfee Labs, we have recently observed a new variant of the...
Analysis of LooCipher, a New Ransomware Family Observed This Year
Co-authored by Marc RiveroLopez. Initial Discovery This year seems to again be the year for ransomware. Notorious attacks were made...
Analysis of Chrysaor Keylogging Mechanism Shows Power of Simple Malicious Code
Many attacks on mobile devices use social engineering to initially infect a victim’s system. They download malware and elevate privileges...
Analysis of a Chrome Zero Day: CVE-2019-5786
1. Introduction On March 1st, Google published an advisory [1] for a use-after-free in the Chrome implementation of the FileReader...
An Overview of Messaging Botnets
In the quarterly McAfee Threats Reports we offer our readers some charts on the prevalence of messaging botnets. For the...
An Overview of Malware Self-Defense and Protection
Many malware authors spend a great deal of time and effort to develop complex code. Their success depends on a...
An Overall Philosophy on the Use of Critical Threat Intelligence
The overarching threat facing cyber organizations today is a highly skilled asymmetric enemy, well-funded and resolute in his task and...
An Inside Look into Microsoft Rich Text Format and OLE Exploits
There has been a dramatic shift in the platforms targeted by attackers over the past few years. Up until 2016,...
An Inkjet Printer is All You Need to Hack a Smartphone’s Fingerprint Scanner
No two fingerprints are alike. It’s an undisputable fact that’s allowed humanity to make huge strides in criminal justice, record-keeping,...
An Aware Child is Safer Online
A Parent’s Handy Primer on Cyber Vocabulary – Part II Welcome back to our primer! As you may recall, our...
